oss-sec mailing list archives
Re: CVE request: oping allows the disclosure of arbitrary file contents
From: yersinia <yersinia.spiros () gmail com>
Date: Sat, 17 Oct 2009 10:20:38 +0200
On Fri, Oct 16, 2009 at 10:06 PM, Josh Bressers <bressers () redhat com> wrote:
----- "Julien Tinnes" <julien.tinnes () gmail com> wrote:On Thu, Oct 15, 2009 at 4:34 PM, Josh Bressers <bressers () redhat com> wrote:----- "Julien Tinnes" <jt () cr0 org> wrote:in case anyone cares, oping also attempts to drop privileges with setuid(getuid()); without checking setuid()'s return value.Does that have any security implications though? I've not looked at the app. If it's a security problem, I'll give it a CVE id.I didn't really look either. Because of this, everything will run as root while it shouldn't, but an attacker might need a second bug to elevate privileges. I would still consider it a security problem.I took a look in the oping source. Without another security flaw, this is just a bug, oping doesn't do anything while still root that could be an issue. I agree that it should be fixed, it is a serious bug, but an attacker cannot do anything nefarious with this flaw.
I think that the upstream mantainer should be have the last word http://verplant.org/liboping/
I'm happy to let Steve overrule me if he wishes, but I'm not going to assign this a CVE id. -- JB
Current thread:
- Re: CVE request: oping allows the disclosure of arbitrary file contents Julien Tinnes (Oct 15)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Josh Bressers (Oct 15)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Julien Tinnes (Oct 15)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Josh Bressers (Oct 16)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Steven M. Christey (Oct 16)
- Re: CVE request: oping allows the disclosure of arbitrary file contents yersinia (Oct 17)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Steven M. Christey (Nov 09)
- Re: CVE request: oping allows the disclosure of arbitrary file contents security curmudgeon (Nov 09)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Josh Bressers (Nov 09)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Steven M. Christey (Nov 09)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Julien Tinnes (Oct 15)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Josh Bressers (Oct 15)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Josh Bressers (Nov 16)
- Re: CVE request: oping allows the disclosure of arbitrary file contents Tomas Hoger (Nov 17)